GitHub-hosted runners: Public Beta of Ubuntu 24.04 is now available
We are happy to announce the beta release of the Ubuntu 24.04 image for GitHub Actions hosted runners. To start using this in your Actions workflows, update your workflow file…
dependabot-core is now open source with an MIT license
We’re excited to announce that the dependabot-core project is being relicensed under the MIT License, making it easier for the community to contribute to Dependabot. Keeping dependencies updated is a…
GitHub Copilot Metrics Updates
We’ve updated how we calculate Last Activity to give you better clarity and are pausing access to the Team endpoint in the Metrics API. Updating the Last Activity calculation Ahead…
Security alerts tool trends on the security overview dashboard
The new Tool group-by option on the security overview trends graph provides a visualization of alert trends, organized by the security tools that detected each vulnerability. It’s designed to improve…
Signing up for GitHub Sponsors just got easier
We’ve simplified the signup flow to make it easier for maintainers to join Sponsors. If you’re in a supported region, your profile will be accepted immediately. If you live in…
Actions: New region support for Azure private networking
Azure private networking was made generally available in April 2024 with 11 available regions. GitHub Actions has expanded the number of supported regions to 17, with the following new additions:…
Secret scanning push protection for file uploads
Secret scanning is expanding coverage for push protection to repository file uploads made via a browser. If push protection is enabled for a repository, secret scanning will now also block…
Code Scanning will stop combining runs from a single upload
When uploading a SARIF file that contains multiple SARIF runs for the same tool and category, Code Scanning combines those runs into a single run. Combining multiple runs within the…
[GA] Guest Collaborators for enterprise managed users
Guest Collaborators for GitHub Enterprise Cloud EMUs are now generally available. Originally announced in public beta at the end of last year, this feature allows an identity provider to assign…
[Public Beta] Repository collaborators for Enterprise Managed Users
Enterprise Managed Users can now be added directly to a repository in their enterprise as a collaborator, without becoming a member of the organization. These users function like outside collaborators,…
Dependabot pull requests jobs are now available to run on self hosted GitHub Actions runners
Previously, developers who used private registries to host their packages on internal networks could not use Dependabot to update the versions of those packages in their code. With this change,…
Artifact Attestations public beta
Create a tamper-proof papertrail for anything you build on Actions Artifact Attestations lets you sign builds in GitHub Actions, capturing provenance information about the artifact and making it verifiable from…
New and updated audit log events for secret scanning non-provider patterns
Audit log events are now created when secret scanning non-provider patterns are enabled or disabled at the repository, organization, or enterprise level. The existing secret_scanning_alert event now includes a secret_type…
GitHub Apps can now use the client ID to fetch installation tokens
Developers of GitHub Apps can simplify their application by using the client ID for both OAuth flows and the installation token flow. To date, GitHub Apps have had two different…
Audit Log Streaming Health Check is Generally Available
GitHub’s audit log streaming health check is now generally available! The purpose of the audit log health check is to ensure audit log streams do not fail silently. Every 24…
The world's largest developer platform
GitHub
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
GitHub Universe 2025
Last chance: Save $700 on your IRL pass to Universe and join us on Oct. 28-29 in San Francisco.